usa.72tv.ru Open in urlscan Pro
37.143.9.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Submission: On February 07 via manual (February 7th 2023, 3:05:45 pm UTC) from GB — Scanned from PL

Summary HTTP 92 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 17 domains to perform 92 HTTP transactions. The main IP is 37.143.9.70, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is usa.72tv.ru.

This is the only time usa.72tv.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	37.143.9.70 37.143.9.70	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
1	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
1	142.251.39.42 142.251.39.42	15169 (GOOGLE) (GOOGLE)
1	142.251.208.170 142.251.208.170	15169 (GOOGLE) (GOOGLE)
8	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3	216.239.38.178 216.239.38.178	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2 3	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 4	77.88.21.119 77.88.21.119	13238 (YANDEX) (YANDEX)
2	64.233.166.156 64.233.166.156	15169 (GOOGLE) (GOOGLE)
5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	142.250.180.228 142.250.180.228	15169 (GOOGLE) (GOOGLE)
1	142.251.208.99 142.251.208.99	15169 (GOOGLE) (GOOGLE)
14	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
1	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
4	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
5	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
1 2	52.51.214.106 52.51.214.106	16509 (AMAZON-02) (AMAZON-02)
3 6	195.177.217.225 195.177.217.225	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
1 2	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
3	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
2 6	185.11.128.197 185.11.128.197	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
7	35.171.245.46 35.171.245.46	14618 (AMAZON-AES) (AMAZON-AES)
92	28

14 37.143.9.70 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: hosted-by.ihc.ru

usa.72tv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.42 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.208.170 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.194 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.38.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.202.52 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.88.21.119 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.166.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.228 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.208.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f3.1e100.net

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.214.106 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-214-106.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 195.177.217.225 (Poland) 3 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-195-177-217-225.dataspace.pl

pro.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adocean-pl.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.11.128.197 (Poland) 2 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-185-11-128-197.dataspace.pl

myao.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.171.245.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-245-46.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1957 adservice.google.com — Cisco Umbrella Rank: 70	55 KB
14	72tv.ru usa.72tv.ru	506 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	217 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 716 static.adsafeprotected.com — Cisco Umbrella Rank: 616 dt.adsafeprotected.com — Cisco Umbrella Rank: 557	100 KB
9	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 ad.doubleclick.net — Cisco Umbrella Rank: 184	20 KB
6	adocean.pl 2 redirects myao.adocean.pl — Cisco Umbrella Rank: 122568	63 KB
6	gemius.pl 3 redirects pro.hit.gemius.pl — Cisco Umbrella Rank: 52432 adocean-pl.hit.gemius.pl — Cisco Umbrella Rank: 299761	2 KB
6	adform.net track.adform.net — Cisco Umbrella Rank: 3696 s1.adform.net — Cisco Umbrella Rank: 8046	39 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3735	59 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9617	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
2	google.pl www.google.pl — Cisco Umbrella Rank: 16135 adservice.google.pl — Cisco Umbrella Rank: 28681	939 B
2	gstatic.com fonts.gstatic.com	70 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com — Cisco Umbrella Rank: 295	21 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	49 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	601 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	43 KB
92	17

	Domain	Requested by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com usa.72tv.ru
14	usa.72tv.ru	usa.72tv.ru
8	pagead2.googlesyndication.com	usa.72tv.ru pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	myao.adocean.pl	2 redirects googleads.g.doubleclick.net myao.adocean.pl
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com usa.72tv.ru
4	adocean-pl.hit.gemius.pl	2 redirects googleads.g.doubleclick.net
4	track.adform.net	googleads.g.doubleclick.net s1.adform.net
4	mc.yandex.ru	1 redirects usa.72tv.ru
3	static.adsafeprotected.com	pixel.adsafeprotected.com googleads.g.doubleclick.net
3	counter.yadro.ru	2 redirects usa.72tv.ru
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	pro.hit.gemius.pl	1 redirects googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	1 redirects s1.adform.net
2	s1.adform.net	track.adform.net s1.adform.net
2	www.google.com	usa.72tv.ru tpc.googlesyndication.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.pl	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.pl	usa.72tv.ru
1	ajax.googleapis.com	usa.72tv.ru
1	fonts.googleapis.com	usa.72tv.ru
1	www.googletagmanager.com	usa.72tv.ru
92	28

This site contains links to these domains. Also see Links.

Domain
72tv.ru
www.gravatar.com
www.liveinternet.ru
vkontakte.ru
twitter.com
www.facebook.com
plus.google.com
www.odnoklassniki.ru

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.pl GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2023-01-30` - `2024-02-06`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh

This page contains 9 frames:

Primary Page: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Frame ID: F273FA7E7BF8A840568B97FBD945FAC2
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html
Frame ID: 556715B176C0ABBA2E7836B725CE8D76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&adk=1812271804&adf=3025194257&lmt=1675782341&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x945_r&format=0x0&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&ea=0&pra=5&wgl=1&dt=1675782340664&bpp=2&bdt=559&idt=341&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1456433704976&frm=20&pv=2&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=651
Frame ID: F24BAA51467221ED8C69654D7EE1C747
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Frame ID: 0E6A5B634FBF4255CCDFB2B73C30DB85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=240&slotname=8953454111&adk=169436648&adf=840352070&pi=t.ma~as.8953454111&w=240&lmt=1675782341&format=240x240&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&wgl=1&dt=1675782340664&bpp=1&bdt=558&idt=384&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=1427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ThOAuoOnGE&p=http%3A//usa.72tv.ru&dtd=666
Frame ID: 916D6DDF105660AA9A1174E8C3A17E64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CzsxHxWjiY8fwGoHGiAOT6qDQCs_ZtZNczPrvubQJwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU1Njg2OTAwMDUyNTQ4MDfIAQmpAt65rMmmVYM-qAMBqgTrAU_QtDrhdNU8NBt6ZTDcCe36U4cjyEuB1t2HKS7NCO-1ULvBRaVCY0tjgVikPZTH7KRHlJwNexG4w4D9_BBUBvaep24DvUGcbirNIXn8XWveGsDdqggWU-VW1BMuT4-iESGbmrNr6K8Uc-GxJEku8ULHs9OTo6M1BrmO2Ngzxx6_jUAsBTiyg8pXqvwEZAp_wvHNCEWIm73LfwHBKzncg6IOfxmtN4FDbczGYayUyoYDWu7CyZ2qBCT3YHwLXNV0Qfgbr_JPwOV1BUA2mmoX_c0erO7sXKAie9QgRSjGAysjKE-SWBGq-PNGSMiABuvN9JSJmOOJ2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1Njg2OTAwMDUyNTQ4MDcYAA&sigh=Mbe-PU-ATfw&uach_m=[UACH]&cid=CAQSGwDUE5ymQaVSfDqB3Ljjebdda291gpMvbg5YVxgB
Frame ID: 5F81BD301448E97768B6034FF6DB11A1
Requests: 30 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EFF1326609B0E9363C53E9F5944EC73F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 25FF89DCF07C20EA3874BD759E7ABFFE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19EE00E7D7CF2DFBFFF6DABD79C64911
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

vaserepair29 » America-Europe-Leisure Blog!

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdOcean (Advertising) Expand

Overall confidence: 80%
Detected patterns

adocean\.pl

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

92
Requests

75 %
HTTPS

0 %
IPv6

17
Domains

28
Subdomains

28
IPs

5
Countries

1262 kB
Transfer

2582 kB
Size

25
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://72tv.ru/main-menu.html
Title: От Сайта

Search URL Search Domain Scan URL

URL: http://72tv.ru/postcards/happy-birthday/
Title: Чуточку о сайте

Search URL Search Domain Scan URL

URL: http://72tv.ru/privacy-policy.html
Title: О Политике конфиденциальноти

Search URL Search Domain Scan URL

URL: http://72tv.ru/postcards/cards-for-girls/
Title: Как написать рассказ

Search URL Search Domain Scan URL

URL: http://www.gravatar.com/
Title: Gravatar

Search URL Search Domain Scan URL

URL: http://72tv.ru/healthy-dialogue/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://vkontakte.ru/share.php?url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=vaserepair29%20%C2%BB%20America-Europe-Leisure%20Blog!&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&t=vaserepair29%20%C2%BB%20America-Europe-Leisure%20Blog!

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29

Search URL Search Domain Scan URL

URL: http://www.odnoklassniki.ru/dk?st.cmd=addShare&st._surl=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&title=vaserepair29%20%C2%BB%20America-Europe-Leisure%20Blog!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

http://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//usa.72tv.ru/usa/index.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29;hvaserepair29%20%BB%20America-Europe-Leisure%20Blog%21;0.251238004761688 HTTP 302
https://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//usa.72tv.ru/usa/index.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29;hvaserepair29%20%BB%20America-Europe-Leisure%20Blog%21;0.251238004761688 HTTP 302
https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//usa.72tv.ru/usa/index.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29;hvaserepair29%20%BB%20America-Europe-Leisure%20Blog%21;0.251238004761688

Request Chain 27

https://mc.yandex.ru/watch/48005801?wmode=7&page-url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1384%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A487352418158%3Ahid%3A905343182%3Az%3A0%3Ai%3A20230207150540%3Aet%3A1675782341%3Ac%3A1%3Arn%3A478759672%3Arqn%3A1%3Au%3A1675782341294069874%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A156%2C78%2C867%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675782339002%3Arqnl%3A1%3Ast%3A1675782341%3At%3Avaserepair29%20%C2%BB%20America-Europe-Leisure%20Blog!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/48005801/1?wmode=7&page-url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1384%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A487352418158%3Ahid%3A905343182%3Az%3A0%3Ai%3A20230207150540%3Aet%3A1675782341%3Ac%3A1%3Arn%3A478759672%3Arqn%3A1%3Au%3A1675782341294069874%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A156%2C78%2C867%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675782339002%3Arqnl%3A1%3Ast%3A1675782341%3At%3Avaserepair29%20%C2%BB%20America-Europe-Leisure%20Blog%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 50

https://pro.hit.gemius.pl/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_name=OH0004_Citroen|cam_id=2904892|advertiser_name=Citroen|placement_name=Citroen_AC_160x600|media_name=Real+Time+Bidding|cre_name=Citroen+-+Kody%2c+160x600_AC|cre_id=57048497|cre_w=160|cre_h=600|dev_advid=|app_name=|app_id=|geo_lat=52.23401|geo_lng=21.01517|user_opt=0|src_event=impression HTTP 301
https://pro.hit.gemius.pl/__/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_name=OH0004_Citroen|cam_id=2904892|advertiser_name=Citroen|placement_name=Citroen_AC_160x600|media_name=Real+Time+Bidding|cre_name=Citroen+-+Kody%2c+160x600_AC|cre_id=57048497|cre_w=160|cre_h=600|dev_advid=|app_name=|app_id=|geo_lat=52.23401|geo_lng=21.01517|user_opt=0|src_event=impression

Request Chain 51

https://adocean-pl.hit.gemius.pl/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=; HTTP 301
https://adocean-pl.hit.gemius.pl/__/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=;

Request Chain 52

https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_pre=CNmT-9nXg_0CFVST_Qcdu9IJhQ;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=0

Request Chain 59

https://myao.adocean.pl/_1675782342614/ad.js?id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/ HTTP 301
https://myao.adocean.pl/__/_1675782342614/ad.js?id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/ HTTP 301
https://adocean-pl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fmyao.adocean.pl%2F__%2F_1675782342%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DQMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7%2Fcid%3D7359%2Fkid%3D2%2Faocodetype%3D1%2F HTTP 301
https://myao.adocean.pl/__/_1675782342/ad.js?hclsdata=&hcudata=bFG8HK2GdwfvsqfH_s_.jKHshGkd_LvTAO_YyKVHapb.O7&id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/

Request Chain 61

https://pixel.adsafeprotected.com/rfw/st/1322739/68772677/skeleton.js?adsafe_url=http%3A%2F%2Fusa.72tv.ru&adsafe_type=g&adsafe_url=http%3A%2F%2Fusa.72tv.ru%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5568690005254807%26output%3Dhtml%26h%3D600%26slotname%3D1651551503%26adk%3D1431003133%26adf%3D9056073%26pi%3Dt.ma~as.1651551503%26w%3D240%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1675782341%26rafmt%3D1%26format%3D240x600%26url%3Dhttp%253A%252F%252Fusa.72tv.ru%252Fusa%252Findex.php%253Fsubaction%253Duserinfo%2526user%253Dvaserepair29%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26dt%3D1675782340664%26bpp%3D2%26bdt%3D558%26idt%3D383%26shv%3Dr20230202%26mjsv%3Dm202301240101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D1456433704976%26frm%3D20%26pv%3D1%26ga_vid%3D312224688.1675782340%26ga_sid%3D1675782341%26ga_hid%3D2108550775%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1182%26ady%3D150%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44779794%26oid%3D2%26pvsid%3D3513101863705968%26tmod%3D696893409%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3Dfbzmg6NXGv%26p%3Dhttp%253A%2F%2Fusa.72tv.ru%26dtd%3D659&adsafe_type=bed&adsafe_jsinfo=,id:71ca95cd-50d5-2166-834a-e29b7a3e05d2,c:3y1sM2,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-846cfdc89d-vrmhg,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:228,mot:0,app:0,maw:0,fm:tvbRVHu+11%7C12%7C13%7C14%7C15%7C16%7C171*.1322739-68772677%7C18,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,tt:rjss,et:247,oid:e3f8634e-a6f8-11ed-b496-ee7e94fb88be,v:19.8.390,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

92 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
usa.72tv.ru/usa/ 26 KB
9 KB 1101ms
866ms Document
text/html 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx / PHP/5.3.27
Resource Hash: 9082c24afd43b2e28f2c9bbf1afa521605f6725b634619f2e43af2c7e8325b83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=windows-1251
Date: Tue, 07 Feb 2023 15:05:39 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.27

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 142ms
54ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-63685636-2

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8be83573efbff4a0e4c2464e940ae6f11cc079468162111f919321ae465ae3be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43903
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Feb 2023 15:05:40 GMT

GET
H/1.1 200
OK styles.css
usa.72tv.ru/usa/templates/FUN/style/ 24 KB
6 KB 81ms
80ms Stylesheet
text/css 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://usa.72tv.ru/usa/templates/FUN/style/styles.css
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 53fbedb386443cbc53018b38c5ddc9563d61b55864af5ccbd05f518f09332a37

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 10 Mar 2018 20:33:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK engine.css
usa.72tv.ru/usa/templates/FUN/style/ 88 KB
29 KB 166ms
87ms Stylesheet
text/css 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://usa.72tv.ru/usa/templates/FUN/style/engine.css
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 77860b4103e2eca032a5966cdcd3553e6aa73f8e5ffe50550d6cb1478ea526bb

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 10 Mar 2018 20:33:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 156ms
60ms Stylesheet
text/css 142.251.39.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,cyrillic

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f10.1e100.net

Software

ESF /

Resource Hash

dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 15:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 15:05:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 15:05:40 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 56 KB
20 KB 75ms
38ms Script
text/javascript 142.251.208.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js?ver=1.3.2

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

HTTP/1.1

Server

142.251.208.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f10.1e100.net

Software

sffe /

Resource Hash

c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 10:53:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 15131
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 19926
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 07 Feb 2024 10:53:29 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
52 KB 174ms
131ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

HTTP/1.1

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

3e6cc68f0ea4be312715a42fcd1a1a8140e7f4a7f987053dff4acc674f8502d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52662
X-XSS-Protection: 0
Server: cafe
ETag: 7251236121531484244
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 07 Feb 2023 15:05:40 GMT

GET
H/1.1 200
OK logo.png
usa.72tv.ru/usa/templates/FUN/images/ 17 KB
17 KB 385ms
78ms Image
image/png 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://usa.72tv.ru/usa/templates/FUN/images/logo.png
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 48c1d3d902f27b7662e75bf9c40fc057df414493da5eb9909c5261948f919504

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Last-Modified: Sat, 10 Mar 2018 20:33:30 GMT
Server: nginx
ETag: "5aa4411a-4362"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17250

GET
H/1.1 200
OK noavatar.png
usa.72tv.ru/usa/templates/FUN/dleimages/ 2 KB
2 KB 392ms
79ms Image
image/png 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://usa.72tv.ru/usa/templates/FUN/dleimages/noavatar.png
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 21103b10d89449ac9db3d5db945080082d43b12c28107b9d19b6a88cf670a0ed

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Last-Modified: Sat, 10 Mar 2018 20:33:30 GMT
Server: nginx
ETag: "5aa4411a-7df"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2015

GET
H/1.1 200
OK 1521139887_6666665555.jpg
usa.72tv.ru/usa/uploads/posts/2018-03/medium/ 71 KB
71 KB 146ms
79ms Image
image/jpeg 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://usa.72tv.ru/usa/uploads/posts/2018-03/medium/1521139887_6666665555.jpg
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 74fa1d6c332698929688e17532b456256a634c86abc6a20e14047acd1c2b06e7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Last-Modified: Thu, 15 Mar 2018 18:50:15 GMT
Server: nginx
ETag: "5aaac067-11ac3"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72387

GET
H/1.1 200
OK 1521137832_z-1.jpg
usa.72tv.ru/usa/uploads/posts/2018-03/medium/ 41 KB
41 KB 147ms
80ms Image
image/jpeg 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://usa.72tv.ru/usa/uploads/posts/2018-03/medium/1521137832_z-1.jpg
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 2ad8ba0cc5ab33e43ff5d540e3c59e1424534151827f91bcda9aeadc0812b281

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Last-Modified: Thu, 15 Mar 2018 18:17:09 GMT
Server: nginx
ETag: "5aaab8a5-a40b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41995

GET
H/1.1 200
OK 1521096360_1-7.jpg
usa.72tv.ru/usa/uploads/posts/2018-03/medium/ 44 KB
44 KB 144ms
78ms Image
image/jpeg 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://usa.72tv.ru/usa/uploads/posts/2018-03/medium/1521096360_1-7.jpg
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: ee75b9c85f41a4aa6aba4f7dd08dae770525ef2fc1f7a39c0658903bf1cc71e5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Last-Modified: Thu, 15 Mar 2018 06:44:48 GMT
Server: nginx
ETag: "5aaa1660-afa2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44962

GET
H/1.1 200
OK jquery.js Show response
usa.72tv.ru/usa/engine/classes/js/ 84 KB
84 KB 79ms
79ms Script
application/javascript 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://usa.72tv.ru/usa/engine/classes/js/jquery.js?v=22
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Last-Modified: Sat, 10 Mar 2018 16:28:44 GMT
Server: nginx
ETag: "5aa407bc-14e4e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85582

GET
H/1.1 200
OK jqueryui.js Show response
usa.72tv.ru/usa/engine/classes/js/ 94 KB
94 KB 78ms
78ms Script
application/javascript 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://usa.72tv.ru/usa/engine/classes/js/jqueryui.js?v=22
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: c4e6a23be99c2c42388efb414e5babcc87c29480a14b5b8ebed156d4385053a6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Last-Modified: Sat, 10 Mar 2018 16:28:44 GMT
Server: nginx
ETag: "5aa407bc-1785a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96346

GET
H/1.1 200
OK dle_js.js Show response
usa.72tv.ru/usa/engine/classes/js/ 29 KB
30 KB 306ms
79ms Script
application/javascript 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://usa.72tv.ru/usa/engine/classes/js/dle_js.js?v=22
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 8daa938907c7ea2e15688a2eb3ac26c47c2633d0d3d49b82e9f881161d6edb94

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Last-Modified: Sat, 10 Mar 2018 16:28:44 GMT
Server: nginx
ETag: "5aa407bc-7587"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30087

GET
H/1.1 200
OK libs.js Show response
usa.72tv.ru/usa/templates/FUN/js/ 7 KB
7 KB 332ms
78ms Script
application/javascript 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://usa.72tv.ru/usa/templates/FUN/js/libs.js
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 2a050bf03c66b3271c0d5a031b24465102cc3dd19f75f892da8d04d3aac907f3

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Last-Modified: Sat, 10 Mar 2018 20:33:30 GMT
Server: nginx
ETag: "5aa4411a-1a56"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6742

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 95ms
24ms Script
text/javascript 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-63685636-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 14:53:01 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 759
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 07 Feb 2023 16:53:01 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 128ms
39ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://usa.72tv.ru
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:49:22 GMT
x-content-type-options: nosniff
age: 576978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:49:22 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
usa.72tv.ru/usa/templates/FUN/fonts/ 65 KB
65 KB 159ms
83ms Font
application/octet-stream 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://usa.72tv.ru/usa/templates/FUN/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/templates/FUN/style/engine.css
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d

Request headers

Referer: http://usa.72tv.ru/usa/templates/FUN/style/engine.css
Origin: http://usa.72tv.ru
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 10 Mar 2018 20:33:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 26 KB
26 KB 179ms
91ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://usa.72tv.ru
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 19:02:01 GMT
x-content-type-options: nosniff
age: 72219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 19:02:01 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//usa.72tv.ru/usa/index.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29;hvaserepair29%20%BB%20America-Europe-Leisure%20Blog%21;0.251238004...
https://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//usa.72tv.ru/usa/index.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29;hvaserepair29%20%BB%20America-Europe-Leisure%20Blog%21;0.25123800...
https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//usa.72tv.ru/usa/index.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29;hvaserepair29%20%BB%20America-Europe-Leisure%20Blog%21;0.251238...

140 B
626 B

42ms
42ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//usa.72tv.ru/usa/index.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29;hvaserepair29%20%BB%20America-Europe-Leisure%20Blog%21;0.251238004761688

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 15:05:40 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 140
Expires: Sun, 06 Feb 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 15:05:40 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//usa.72tv.ru/usa/index.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29;hvaserepair29%20%BB%20America-Europe-Leisure%20Blog%21;0.251238004761688
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 06 Feb 2022 21:00:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 162 KB
57 KB 240ms
114ms Script
application/javascript 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

28e61bfe4ec59cb82441109a6d54ee0bd7178bb3f9c0c27fb0e62bc31e2b4bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63c93a4b-e31c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58140
expires: Tue, 07 Feb 2023 16:05:40 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 44ms
44ms XHR
text/plain 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2108550775&t=pageview&_s=1&dl=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&ul=en-us&de=windows-1251&dt=vaserepair29%20%C2%BB%20America-Europe-Leisure%20Blog!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1351270891&gjid=2093727907&cid=312224688.1675782340&tid=UA-63685636-2&_gid=1424603744.1675782340&_r=1&gtm=457e3210h1&z=504577477

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://usa.72tv.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 138ms
46ms XHR
text/plain 64.233.166.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-63685636-2&cid=312224688.1675782340&jid=1351270891&gjid=2093727907&_gid=1424603744.1675782340&_u=YEBAAUAAAAAAACAAI~&z=1222299849

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

a6289d9cd6ab88d70ba405980f406b61aad967a7323e9e1d744f28afdadcc317

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Feb 2023 15:05:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://usa.72tv.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 361 KB
119 KB 191ms
103ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5568690005254807&plah=usa.72tv.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ee00e4937fb3636055b50427ca874970b63c7934bb312ae39000faa8d07e6adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121187
x-xss-protection: 0
server: cafe
etag: 18303783754480671256
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 15:05:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/ Frame 5567 10 KB
5 KB 131ms
40ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 7214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 13:05:26 GMT
etag: 10353107486223812946
expires: Tue, 21 Feb 2023 13:05:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 172ms
75ms Image
image/gif 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-63685636-2&cid=312224688.1675782340&jid=1351270891&_u=YEBAAUAAAAAAACAAI~&z=139637368

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.pl/ads/ 42 B
408 B 189ms
77ms Image
image/gif 142.251.208.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-63685636-2&cid=312224688.1675782340&jid=1351270891&_u=YEBAAUAAAAAAACAAI~&z=139637368

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/48005801/
Redirect Chain

https://mc.yandex.ru/watch/48005801?wmode=7&page-url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6...
https://mc.yandex.ru/watch/48005801/1?wmode=7&page-url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwx...

454 B
537 B

62ms
62ms

XHR
application/json

77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/48005801/1?wmode=7&page-url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1384%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A487352418158%3Ahid%3A905343182%3Az%3A0%3Ai%3A20230207150540%3Aet%3A1675782341%3Ac%3A1%3Arn%3A478759672%3Arqn%3A1%3Au%3A1675782341294069874%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A156%2C78%2C867%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675782339002%3Arqnl%3A1%3Ast%3A1675782341%3At%3Avaserepair29%20%C2%BB%20America-Europe-Leisure%20Blog%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

cfab67a623597c8c1e077a8a4880447fa794f007d3954635b3eb4b97bb116e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 07-Feb-2023 15:05:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://usa.72tv.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 454
x-xss-protection: 1; mode=block
expires: Tue, 07-Feb-2023 15:05:40 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:40 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07-Feb-2023 15:05:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/48005801/1?wmode=7&page-url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1384%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A487352418158%3Ahid%3A905343182%3Az%3A0%3Ai%3A20230207150540%3Aet%3A1675782341%3Ac%3A1%3Arn%3A478759672%3Arqn%3A1%3Au%3A1675782341294069874%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A156%2C78%2C867%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675782339002%3Arqnl%3A1%3Ast%3A1675782341%3At%3Avaserepair29%20%C2%BB%20America-Europe-Leisure%20Blog%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://usa.72tv.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 07-Feb-2023 15:05:40 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 46ms
46ms XHR
text/plain 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2108550775&t=pageview&_s=1&dl=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&ul=en-us&de=windows-1251&dt=vaserepair29%20%C2%BB%20America-Europe-Leisure%20Blog!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=443415698&gjid=1203913440&cid=312224688.1675782340&tid=UA-63685636-1&_gid=1424603744.1675782340&_r=1&_slc=1&z=678917300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://usa.72tv.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
113 B 62ms
62ms Image
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:40 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63c93a4b-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Feb 2023 16:05:40 GMT

GET
H/1.1 200
OK share.png
usa.72tv.ru/usa/templates/FUN/images/ 6 KB
6 KB 79ms
79ms Image
image/png 37.143.9.70
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://usa.72tv.ru/usa/templates/FUN/images/share.png
Requested by: Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/templates/FUN/style/styles.css
Protocol: HTTP/1.1
Server: 37.143.9.70 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 91d5b067fefe73273b036fab32d3f2cd93de193292accc675defda11a848540a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/usa/templates/FUN/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 15:05:40 GMT
Last-Modified: Sat, 10 Mar 2018 20:33:30 GMT
Server: nginx
ETag: "5aa4411a-1682"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5762

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 47ms
46ms XHR
text/plain 64.233.166.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-63685636-1&cid=312224688.1675782340&jid=443415698&gjid=1203913440&_gid=1424603744.1675782340&_u=aEDAAUABAAAAACAAI~&z=1093809953

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Feb 2023 15:05:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://usa.72tv.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-5568690005254807 Show response
fundingchoicesmessages.google.com/i/ 123 KB
42 KB 178ms
89ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5568690005254807?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5568690005254807&plah=usa.72tv.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

f9498d3cb6435b5d1ec64da808e842b1d3360db45a965e4d5fec66a99584960b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-5U4etfA9wPvvSohl0SkHOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-5U4etfA9wPvvSohl0SkHOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
601 B 133ms
47ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=usa.72tv.ru&callback=_gfp_s_&client=ca-pub-5568690005254807

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9d6c5cd3ea67b3f2be9c957bd0d87bd6b1fde1203ddb207c71bdcbd4b2cc4de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
531 B 160ms
61ms Script
application/javascript 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=usa.72tv.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 159ms
60ms Script
application/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usa.72tv.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F24B 9 KB
4 KB 200ms
199ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&adk=1812271804&adf=3025194257&lmt=1675782341&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x945_r&format=0x0&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&ea=0&pra=5&wgl=1&dt=1675782340664&bpp=2&bdt=559&idt=341&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1456433704976&frm=20&pv=2&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=651

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

60816f2a00688f15c5186045ee5e08f88279047018a8167560aa001dfaac68b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4055
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 15:05:41 GMT
expires: Tue, 07 Feb 2023 15:05:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E6A 28 KB
10 KB 487ms
487ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7d0f825aac92eaff3bf1890006f8b4f3101551e6bbd540dc1abb6e3c8bce7195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 15:05:41 GMT
expires: Tue, 07 Feb 2023 15:05:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 916D 430 B
376 B 486ms
485ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=240&slotname=8953454111&adk=169436648&adf=840352070&pi=t.ma~as.8953454111&w=240&lmt=1675782341&format=240x240&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&wgl=1&dt=1675782340664&bpp=1&bdt=558&idt=384&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=1427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ThOAuoOnGE&p=http%3A//usa.72tv.ru&dtd=666

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

523f6019f1a7472b58752937806a87c8c7838da7ce06345388a591b00b52c906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 15:05:41 GMT
expires: Tue, 07 Feb 2023 15:05:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWacw81cHEOqG7eJivzMSJPrD_iDsHNKx0ZyBb8YVlcX8lUlq7Fk8rEgHuQcnbFqmDR26HgunbzFIL30DpIhwI= Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 68ms
68ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWacw81cHEOqG7eJivzMSJPrD_iDsHNKx0ZyBb8YVlcX8lUlq7Fk8rEgHuQcnbFqmDR26HgunbzFIL30DpIhwI=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1NzgyMzQxLDMzNjAwMDAwMF0sIkNBODY0QjFGLTU2MjEtNDRBQy05M0U1LTRGRUYzNTIzQ0Y2MyIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cDovL3VzYS43MnR2LnJ1L3VzYS9pbmRleC5waHAiLG51bGwsW1s4LCJFcVFwXzVqbFRWOCJdLFs5LCJwbCJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.EqQp_5jlTV8.es5.O/d=1/rs=AJlcJMyvV4V0nrHDrmRnc_NWluVWSAVxkg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

f1dd49ac7722c6d68f7672c76da5edc69cc6b0a80d488b5ecb566ca8fd4b4d9c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qhXzBUf4o_wEk6VIIyFl5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qhXzBUf4o_wEk6VIIyFl5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUkmiJZ2L7E_SMSMWaiRn6qx6OdbwovDrwMsWjyV0R_aDu2spH1RhP_oxNoGYSc8J8HkJyDMl51abOlBP28Pj8= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 138ms
57ms XHR
text/html 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUkmiJZ2L7E_SMSMWaiRn6qx6OdbwovDrwMsWjyV0R_aDu2spH1RhP_oxNoGYSc8J8HkJyDMl51abOlBP28Pj8=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SUA4sWj3xuG5sgYtc4_iMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Feb 2023 15:05:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SUA4sWj3xuG5sgYtc4_iMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://usa.72tv.ru
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVziCsDmSiS8KVYtQ5KiC7GCV-r8pfEnPs30NkwCrPnrm5roX3eP0fFMpn5cY_Vq4u3-wEGR7zysUZScA6Y5skAFYiTEy9sfLeTjYItKu7fKjzF3CO5m8Pr-nNLeqvPB13-kJc2-g== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 73ms
72ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVziCsDmSiS8KVYtQ5KiC7GCV-r8pfEnPs30NkwCrPnrm5roX3eP0fFMpn5cY_Vq4u3-wEGR7zysUZScA6Y5skAFYiTEy9sfLeTjYItKu7fKjzF3CO5m8Pr-nNLeqvPB13-kJc2-g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1NzgyMzQxLDQxNDAwMDAwMF0sIkNBODY0QjFGLTU2MjEtNDRBQy05M0U1LTRGRUYzNTIzQ0Y2MyIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cDovL3VzYS43MnR2LnJ1L3VzYS9pbmRleC5waHAiLG51bGwsW1s4LCJFcVFwXzVqbFRWOCJdLFs5LCJwbCJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

00ed5e50599f6b1a86e2bc4493aeb8d0bc15532ecd14ae8701ce33b95da556f1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gf9OwQ2WlK-uxlhRHUdLWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gf9OwQ2WlK-uxlhRHUdLWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5F81 0
0 83ms
82ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzsxHxWjiY8fwGoHGiAOT6qDQCs_ZtZNczPrvubQJwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU1Njg2OTAwMDUyNTQ4MDfIAQmpAt65rMmmVYM-qAMBqgTrAU_QtDrhdNU8NBt6ZTDcCe36U4cjyEuB1t2HKS7NCO-1ULvBRaVCY0tjgVikPZTH7KRHlJwNexG4w4D9_BBUBvaep24DvUGcbirNIXn8XWveGsDdqggWU-VW1BMuT4-iESGbmrNr6K8Uc-GxJEku8ULHs9OTo6M1BrmO2Ngzxx6_jUAsBTiyg8pXqvwEZAp_wvHNCEWIm73LfwHBKzncg6IOfxmtN4FDbczGYayUyoYDWu7CyZ2qBCT3YHwLXNV0Qfgbr_JPwOV1BUA2mmoX_c0erO7sXKAie9QgRSjGAysjKE-SWBGq-PNGSMiABuvN9JSJmOOJ2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1Njg2OTAwMDUyNTQ4MDcYAA&sigh=Mbe-PU-ATfw&uach_m=[UACH]&cid=CAQSGwDUE5ymQaVSfDqB3Ljjebdda291gpMvbg5YVxgB

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Feb 2023 15:05:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Feb 2023 15:05:41 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 5F81 2 KB
2 KB 176ms
48ms Script
text/javascript 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=61256853;rtbwp=Y-JoxQAGuEcKYiMBAAg1E0ddSXC1waXKuFu4Kg;rtbdata=qVuPO5b7W_KmFJpMd3DGY6e1MwzM4ercCF1dM_becADO-mZ2tl6hqJ0Rk37XFb6ix8du4i6-Zcms-62yb7eyGcrF3M1UVAp9OkP8DADyDLmb40bb_8z8V79RYTfu85aV4wp-1oLzZuG7v6PBuBNgY5hDSI69dkj-XCkrxIazT7Dcp4jPSF7ktJD_BsTX-_pAlPnW41ZLZGHS37P1byhjWViI8lT_lFPNZJCAXRTAtgfeLciUYN81FGmwdAMTVEEes05Szk56jBUikTViklq4EG57qbmYRPLA1mlIz8d0qlc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cm_dMxWjiY8fwGoHGiAOT6qDQCs_ZtZNczPrvubQJwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU1Njg2OTAwMDUyNTQ4MDfIAQmpAt65rMmmVYM-qAMBqgTuAU_QtDrhdNU8NBt6ZTDcCe36U4cjyEuB1t2HKS7NCO-1ULvBRaVCY0tjgVikPZTH7KRHlJwNexG4w4D9_BBUBvaep24DvUGcbirNIXn8XWveGsDdqggWU-VW1BMuT4-iESGbmrNr6K8Uc-GxJEku8ULHs9OTo6M1BrmO2Ngzxx6_jUAsBTiyg8pXqvwEZAp_wvHNCEWIm73LfwHBKzncg6IOfxmtN4FDbczGYayUyoYDWu7CyZ2qBCT3YHwLXNV0Qfgbr_JPgudUl8jaURLJNsbdRLoonMQ2cR0qazA_1dt37IU_Rj2ycjqVMBbqvcWABuvN9JSJmOOJ2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_0BiaOMglrwdEwLw6B_v0ecJlddfg&client=ca-pub-5568690005254807&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6bed9ebc6149815b8dbbba834802101ed6686557bb12f2e13f1506c7882df669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1601
expires: -1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 5F81 3 KB
1 KB 140ms
51ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 12:53:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 12:53:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 5F81 18 KB
8 KB 139ms
50ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:56:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F81 157 KB
49 KB 152ms
63ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 15:05:41 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 5F81 34 KB
16 KB 211ms
47ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=61256853;rtbwp=Y-JoxQAGuEcKYiMBAAg1E0ddSXC1waXKuFu4Kg;rtbdata=qVuPO5b7W_KmFJpMd3DGY6e1MwzM4ercCF1dM_becADO-mZ2tl6hqJ0Rk37XFb6ix8du4i6-Zcms-62yb7eyGcrF3M1UVAp9OkP8DADyDLmb40bb_8z8V79RYTfu85aV4wp-1oLzZuG7v6PBuBNgY5hDSI69dkj-XCkrxIazT7Dcp4jPSF7ktJD_BsTX-_pAlPnW41ZLZGHS37P1byhjWViI8lT_lFPNZJCAXRTAtgfeLciUYN81FGmwdAMTVEEes05Szk56jBUikTViklq4EG57qbmYRPLA1mlIz8d0qlc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cm_dMxWjiY8fwGoHGiAOT6qDQCs_ZtZNczPrvubQJwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU1Njg2OTAwMDUyNTQ4MDfIAQmpAt65rMmmVYM-qAMBqgTuAU_QtDrhdNU8NBt6ZTDcCe36U4cjyEuB1t2HKS7NCO-1ULvBRaVCY0tjgVikPZTH7KRHlJwNexG4w4D9_BBUBvaep24DvUGcbirNIXn8XWveGsDdqggWU-VW1BMuT4-iESGbmrNr6K8Uc-GxJEku8ULHs9OTo6M1BrmO2Ngzxx6_jUAsBTiyg8pXqvwEZAp_wvHNCEWIm73LfwHBKzncg6IOfxmtN4FDbczGYayUyoYDWu7CyZ2qBCT3YHwLXNV0Qfgbr_JPgudUl8jaURLJNsbdRLoonMQ2cR0qazA_1dt37IU_Rj2ycjqVMBbqvcWABuvN9JSJmOOJ2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_0BiaOMglrwdEwLw6B_v0ecJlddfg&client=ca-pub-5568690005254807&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:42 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:46:59 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 5F81 13 KB
5 KB 44ms
44ms Script
text/javascript 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=61256853;rtbwp=Y-JoxQAGuEcKYiMBAAg1E0ddSXC1waXKuFu4Kg;rtbdata=qVuPO5b7W_KmFJpMd3DGY6e1MwzM4ercCF1dM_becADO-mZ2tl6hqJ0Rk37XFb6ix8du4i6-Zcms-62yb7eyGcrF3M1UVAp9OkP8DADyDLmb40bb_8z8V79RYTfu85aV4wp-1oLzZuG7v6PBuBNgY5hDSI69dkj-XCkrxIazT7Dcp4jPSF7ktJD_BsTX-_pAlPnW41ZLZGHS37P1byhjWViI8lT_lFPNZJCAXRTAtgfeLciUYN81FGmwdAMTVEEes05Szk56jBUikTViklq4EG57qbmYRPLA1mlIz8d0qlc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cm_dMxWjiY8fwGoHGiAOT6qDQCs_ZtZNczPrvubQJwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU1Njg2OTAwMDUyNTQ4MDfIAQmpAt65rMmmVYM-qAMBqgTuAU_QtDrhdNU8NBt6ZTDcCe36U4cjyEuB1t2HKS7NCO-1ULvBRaVCY0tjgVikPZTH7KRHlJwNexG4w4D9_BBUBvaep24DvUGcbirNIXn8XWveGsDdqggWU-VW1BMuT4-iESGbmrNr6K8Uc-GxJEku8ULHs9OTo6M1BrmO2Ngzxx6_jUAsBTiyg8pXqvwEZAp_wvHNCEWIm73LfwHBKzncg6IOfxmtN4FDbczGYayUyoYDWu7CyZ2qBCT3YHwLXNV0Qfgbr_JPgudUl8jaURLJNsbdRLoonMQ2cR0qazA_1dt37IU_Rj2ycjqVMBbqvcWABuvN9JSJmOOJ2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_0BiaOMglrwdEwLw6B_v0ecJlddfg&client=ca-pub-5568690005254807&adurl=;js=1;adfxid=1x;9242;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Fusa.72tv.ru

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ed4442108620fa7655eb7f6cae282c0775166346b1c7af45a6b6537cafe0665b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4765
expires: -1

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1322739/68772677/ Frame 5F81 46 KB
12 KB 218ms
63ms Script
application/javascript 52.51.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1322739/68772677/skeleton.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.214.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-214-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4227c4fbbd8023aabb9203231ecfd12f77e6f264b3fdf73fa6a5900e96515d5f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2

200

redot.gif
pro.hit.gemius.pl/__/ Frame 5F81
Redirect Chain

https://pro.hit.gemius.pl/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_nam...
https://pro.hit.gemius.pl/__/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_...

43 B
220 B

30ms
30ms

Image
image/gif

195.177.217.225
Autonomous System...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pro.hit.gemius.pl/__/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_name=OH0004_Citroen|cam_id=2904892|advertiser_name=Citroen|placement_name=Citroen_AC_160x600|media_name=Real+Time+Bidding|cre_name=Citroen+-+Kody%2c+160x600_AC|cre_id=57048497|cre_w=160|cre_h=600|dev_advid=|app_name=|app_id=|geo_lat=52.23401|geo_lng=21.01517|user_opt=0|src_event=impression
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Server: 195.177.217.225 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-225.dataspace.pl
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 43
expires: Mon, 06 Feb 2023 15:05:42 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_name=OH0004_Citroen|cam_id=2904892|advertiser_name=Citroen|placement_name=Citroen_AC_160x600|media_name=Real+Time+Bidding|cre_name=Citroen+-+Kody%2c+160x600_AC|cre_id=57048497|cre_w=160|cre_h=600|dev_advid=|app_name=|app_id=|geo_lat=52.23401|geo_lng=21.01517|user_opt=0|src_event=impression
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 06 Feb 2023 15:05:42 GMT

GET
H2

200

extra=;
adocean-pl.hit.gemius.pl/__/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/ Frame 5F81
Redirect Chain

https://adocean-pl.hit.gemius.pl/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=;
https://adocean-pl.hit.gemius.pl/__/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=;

43 B
219 B

32ms
31ms

Image
image/gif

195.177.217.225
Autonomous System...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adocean-pl.hit.gemius.pl/__/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=;
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Server: 195.177.217.225 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-225.dataspace.pl
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 43
expires: Mon, 06 Feb 2023 15:05:42 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=;
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 06 Feb 2023 15:05:42 GMT

GET
H2

200

B29201693.357095956;dc_pre=CNmT-9nXg_0CFVST_Qcdu9IJhQ;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=0
ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/ Frame 5F81
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_pre=CNmT-9nXg_0CFVST_Qcdu9IJhQ;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;t...

42 B
118 B

72ms
71ms

Image
image/gif

142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_pre=CNmT-9nXg_0CFVST_Qcdu9IJhQ;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=0

Requested by

Protocol

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_pre=CNmT-9nXg_0CFVST_Qcdu9IJhQ;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=0
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 5F81 35 B
477 B 43ms
42ms Ping
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=61256853&csi=qK9p3o0WBRVGG9qaDygqYGfhcjkmolUjYIGkGktVOKXrygPkIxxfk_vJlz1NCCZ3DvEGm1XX5uFfbru1znH5tGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 5F81 34 KB
15 KB 56ms
55ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:42 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:59:44 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 55ms
54ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.9998425528639088

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dlykz9loZyUxcCN8Y25QRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-dlykz9loZyUxcCN8Y25QRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 64ms
63ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.12173108471056

Requested by

Host: usa.72tv.ru
URL: http://usa.72tv.ru/usa/index.php?subaction=userinfo&user=vaserepair29

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eRx2lUXq3i-UWzpyJoD8JQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-eRx2lUXq3i-UWzpyJoD8JQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWITKJletjK6EU2R9iJnpgUU4WZT9BswHY5VaxxPPZRLsACFWTt1alBXGqF6Z_QIQPkAKkAOZuRZGLa3RigQknz0f0n_sMZM7iZh9DrjBIPkl4YdO7XK3v4i8vjBJPSOObBL8Enlw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 66ms
66ms XHR
text/html 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWITKJletjK6EU2R9iJnpgUU4WZT9BswHY5VaxxPPZRLsACFWTt1alBXGqF6Z_QIQPkAKkAOZuRZGLa3RigQknz0f0n_sMZM7iZh9DrjBIPkl4YdO7XK3v4i8vjBJPSOObBL8Enlw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-enTeE14Nn5lQabTXGTh6QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Feb 2023 15:05:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-enTeE14Nn5lQabTXGTh6QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://usa.72tv.ru
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.19.8.390.js Show response
static.adsafeprotected.com/ Frame 5F81 200 KB
63 KB 154ms
49ms Script
application/javascript 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.390.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1322739/68772677/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bacfaf4f24a8c99c48c29e32293cd6207924d289b2bc1da4bbfeaf54b03f19b2

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 15:20:59 GMT
x-amz-version-id: 92LQopFh_7IbkJnbrvXbYa5ocG_FxdQW
content-encoding: gzip
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 344683
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Feb 2023 18:40:44 GMT
server: AmazonS3
etag: W/"022987f281b11cf4cfb9b7bfe65a2517"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: fwBr8RlcfM01vSGObuNHXhNZkF5c992s2isyANLl6i6E0yIjEmTgAw==

GET
H2

200

ad.js Show response
myao.adocean.pl/__/_1675782342/ Frame 5F81
Redirect Chain

https://myao.adocean.pl/_1675782342614/ad.js?id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
https://myao.adocean.pl/__/_1675782342614/ad.js?id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
https://adocean-pl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fmyao.adocean.pl%2F__%2F_1675782342%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DQMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.b...
https://myao.adocean.pl/__/_1675782342/ad.js?hclsdata=&hcudata=bFG8HK2GdwfvsqfH_s_.jKHshGkd_LvTAO_YyKVHapb.O7&id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/

4 KB
2 KB

34ms
34ms

Script
application/x-javascript

185.11.128.197
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://myao.adocean.pl/__/_1675782342/ad.js?hclsdata=&hcudata=bFG8HK2GdwfvsqfH_s_.jKHshGkd_LvTAO_YyKVHapb.O7&id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Server: 185.11.128.197 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-197.dataspace.pl
Software: GAD /
Resource Hash: 1eb8e96485df21ea21b77cf3e5c8aa9779d8480400ef3798bcc098d6af0b126b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
content-encoding: gzip
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 1445
expires: Mon, 06 Feb 2023 15:05:42 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://myao.adocean.pl/__/_1675782342/ad.js?hclsdata=&hcudata=bFG8HK2GdwfvsqfH_s_.jKHshGkd_LvTAO_YyKVHapb.O7&id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 06 Feb 2023 15:05:42 GMT

GET
DATA 200
OK truncated
/ Frame 5F81 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef530b3b0223cf8c853f1fbcaf1524c958fa15f6863beb4399ca7e5164b75f73

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 5F81
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1322739/68772677/skeleton.js?adsafe_url=http%3A%2F%2Fusa.72tv.ru&adsafe_type=g&adsafe_url=http%3A%2F%2Fusa.72tv.ru%2F&adsafe_type=c&adsafe_url=https%3A%2F%2...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

45ms
45ms

Script
application/javascript

18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 30848859
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: -KiU1QX2jc9j6vplfjXd3e-Nltcn36lTzk8UTL2VCRQW8pWZYZMLAA==

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:42 GMT
server: nginx
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame EFF1 91 KB
23 KB 48ms
47ms Script
application/javascript 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 12007766
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: GTgv-kBsLyEhhvp8yVoOFrhjDFJes8nBTkj9F8nen5hBJydWQDrkzw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5F81 43 B
216 B 418ms
133ms Image
image/gif 35.171.245.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=71ca95cd-50d5-2166-834a-e29b7a3e05d2&tv=%7Bc:3y1sMs,pingTime:-3,time:272,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:246%7D,%7Bpiv:100,vs:i,t:271%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:272,o:0,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:245,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~160.600%5D%7D%7D,%7Bsl:i,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvbRVHu+11%7C12%7C13%7C14%7C15%7C16%7C171*.1322739-68772677%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:247%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.245.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-245-46.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:43 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5F81 43 B
215 B 416ms
135ms Image
image/gif 35.171.245.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=71ca95cd-50d5-2166-834a-e29b7a3e05d2&tv=%7Bc:3y1sMt,pingTime:-6,time:273,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:273,o:0,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:245,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~160.600%5D%7D%7D,%7Bsl:i,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvbRVHu+11%7C12%7C13%7C14%7C15%7C16%7C171*.1322739-68772677%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:247%7D&tpiLookup=ao:usa.72tv.ru%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.245.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-245-46.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:43 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5F81 43 B
215 B 413ms
137ms Image
image/gif 35.171.245.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=71ca95cd-50d5-2166-834a-e29b7a3e05d2&tv=%7Bc:3y1sMA,pingTime:-2,time:280,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:502,bdZ:782,beA:783,beZ:784,mfA:1011,cmA:1012,inA:1012,inZ:1017,prA:1017,prZ:1023,si:1030,poA:1031,poZ:1049,cmZ:1049,mfZ:1049,loA:1056,loZ:1059,ltA:1063,ltZ:1063,mdA:784,mdZ:987%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,gca2:false,ccd:%7Bversion:1,uspString:1---%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:246%7D,%7Bpiv:100,vs:i,t:271%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:280,o:0,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:245,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~160.600%5D%7D%7D,%7Bsl:i,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B9~100%5D,as:%5B9~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvbRVHu+11%7C12%7C13%7C14%7C15%7C16%7C171*.1322739-68772677%7C18,idMap:171*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:247,sinceFw:32,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.245.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-245-46.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:43 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 code.min.js Show response
myao.adocean.pl/files/x/lmn/egrpjcj/xajkevmjdv/ Frame 5F81 92 KB
19 KB 31ms
30ms Script
application/x-javascript 185.11.128.197
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://myao.adocean.pl/files/x/lmn/egrpjcj/xajkevmjdv/code.min.js
Requested by: Host: myao.adocean.pl
URL: https://myao.adocean.pl/_1675782342614/ad.js?id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.197 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-197.dataspace.pl
Software: GAD /
Resource Hash: 558001dcb063d3fde4731d98309580dbe7d28e31488775b6327828091d96cfd7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:42 GMT
content-encoding: gzip
last-modified: Wed, 31 Mar 2021 13:49:34 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "60647DEE00017182C784567F"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 19615
expires: Wed, 29 Mar 2023 15:05:42 GMT

GET
H2 200 oaoa.min.css
myao.adocean.pl/files/x/lmn/egrpjcj/ubqqhsgonq/ Frame 5F81 19 KB
3 KB 31ms
30ms Stylesheet
text/css 185.11.128.197
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://myao.adocean.pl/files/x/lmn/egrpjcj/ubqqhsgonq/oaoa.min.css
Requested by: Host: myao.adocean.pl
URL: https://myao.adocean.pl/files/x/lmn/egrpjcj/xajkevmjdv/code.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.197 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-197.dataspace.pl
Software: GAD /
Resource Hash: ccbbcafee0d6711f41fde0b95765f8af7c0c462d951aaae7fd67af961a0b5df0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
content-encoding: gzip
last-modified: Wed, 31 Mar 2021 13:50:07 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "60647E0F00004B0931DBDD17"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/css
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3224
expires: Wed, 29 Mar 2023 15:05:43 GMT

GET
H2 200 Citroen_12_styczen_PP_C5_AC_banner_160x600.jpg
myao.adocean.pl/files/x/xch/oguhicp/ubqqhsgonq/ Frame 5F81 37 KB
38 KB 31ms
30ms Image
image/jpeg 185.11.128.197
Autonomous System...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myao.adocean.pl/files/x/xch/oguhicp/ubqqhsgonq/Citroen_12_styczen_PP_C5_AC_banner_160x600.jpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.197 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-197.dataspace.pl
Software: GAD /
Resource Hash: 3e73301fa68d16b08e91a2697bd1fb85e97e8a029b7d193330368b43953963d6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
last-modified: Fri, 13 Jan 2023 10:02:24 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "63C12C30000095C73D3F2F79"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 38343
expires: Wed, 29 Mar 2023 15:05:43 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5F81 43 B
215 B 294ms
136ms Image
image/gif 35.171.245.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=71ca95cd-50d5-2166-834a-e29b7a3e05d2&tv=%7Bc:3y1sOu,time:398,type:e,im:%7Bimprf:%7Bttecl:647,ecd:118,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:398,o:0,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:245,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~160.600%5D%7D%7D,%7Bsl:i,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B128~100%5D,as:%5B128~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvbRVHu+11%7C12%7C13%7C14%7C15%7C16%7C171*.1322739-68772677%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:247,sis:366%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.245.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-245-46.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:43 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 redot.gif
adocean-pl.hit.gemius.pl/ Frame 5F81 43 B
258 B 32ms
32ms Image
image/gif 195.177.217.225
Autonomous System...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adocean-pl.hit.gemius.pl/redot.gif?id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=ndjekifhat/sarg=63E268C6F2969131;/inner=%7C;/extra=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 195.177.217.225 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-225.dataspace.pl
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:43 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 43
expires: Mon, 06 Feb 2023 15:05:43 GMT

GET
H3 200 sidebar_ad. Show response
fundingchoicesmessages.google.com/f/AGSKWxXYuW5kM7Q107XSIt0nZTjbPx2EDenBXtPMRGQ2DxRLSEIOt7A9tPGO_rPsYAoiWUrK5AJW_cVi3G0EPLIEX7WScQ8n9y6heeyaCciBayLvEylsFLalZ4Ss67-YSqEyw9klHFtFHmElWhi5jCg0zY5wzbAhc... 54 B
110 B 56ms
56ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXYuW5kM7Q107XSIt0nZTjbPx2EDenBXtPMRGQ2DxRLSEIOt7A9tPGO_rPsYAoiWUrK5AJW_cVi3G0EPLIEX7WScQ8n9y6heeyaCciBayLvEylsFLalZ4Ss67-YSqEyw9klHFtFHmElWhi5jCg0zY5wzbAhc0Az1QzuuMLUA-x5fZf9r8ZFvuEugzgo/_/advaluewriter./swfbin/ad3-/video_ads./dfp_init./sidebar_ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.EqQp_5jlTV8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMyvV4V0nrHDrmRnc_NWluVWSAVxkg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

8e42f623234f4e91ccae498120c65dd2d5c678138928cd4fa751df9c0171be8d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-g9T6Ys1T04YXyq2XcC6SFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-g9T6Ys1T04YXyq2XcC6SFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
167 B 41ms
40ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 18:56:25 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWITKJletjK6EU2R9iJnpgUU4WZT9BswHY5VaxxPPZRLsACFWTt1alBXGqF6Z_QIQPkAKkAOZuRZGLa3RigQknz0f0n_sMZM7iZh9DrjBIPkl4YdO7XK3v4i8vjBJPSOObBL8Enlw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--bS-kYl7No77kTCzZZnVKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--bS-kYl7No77kTCzZZnVKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://usa.72tv.ru
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5F81 43 B
215 B 181ms
180ms Image
image/gif 35.171.245.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=71ca95cd-50d5-2166-834a-e29b7a3e05d2&tv=%7Bc:3y1sSo,pingTime:-10,time:640,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002022202222222002020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1675782343251%7C%7C3dcc53171c1803547bdc9bdae83b8e15%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C48aabf4d9045496a12917cca16785baf%7C%7C3f18a2e670adb6d0e579d4617627a226%7C%7Ca542679f841479a0dc7a70a9a275fba2%7C%7C84cbf06e4fbb81dfe1ba674643a0fef7%7C%7C0c26e54814e8bc1d65ef52a306ab6d79%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5568690005254807&output=html&h=600&slotname=1651551503&adk=1431003133&adf=9056073&pi=t.ma~as.1651551503&w=240&fwrn=4&fwrnh=100&lmt=1675782341&rafmt=1&format=240x600&url=http%3A%2F%2Fusa.72tv.ru%2Fusa%2Findex.php%3Fsubaction%3Duserinfo%26user%3Dvaserepair29&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1675782340664&bpp=2&bdt=558&idt=383&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1456433704976&frm=20&pv=1&ga_vid=312224688.1675782340&ga_sid=1675782341&ga_hid=2108550775&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1182&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=3513101863705968&tmod=696893409&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fbzmg6NXGv&p=http%3A//usa.72tv.ru&dtd=659
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.245.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-245-46.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:43 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWITKJletjK6EU2R9iJnpgUU4WZT9BswHY5VaxxPPZRLsACFWTt1alBXGqF6Z_QIQPkAKkAOZuRZGLa3RigQknz0f0n_sMZM7iZh9DrjBIPkl4YdO7XK3v4i8vjBJPSOObBL8Enlw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-76um2Kse_14fnFnlUeiROA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-76um2Kse_14fnFnlUeiROA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://usa.72tv.ru
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWITKJletjK6EU2R9iJnpgUU4WZT9BswHY5VaxxPPZRLsACFWTt1alBXGqF6Z_QIQPkAKkAOZuRZGLa3RigQknz0f0n_sMZM7iZh9DrjBIPkl4YdO7XK3v4i8vjBJPSOObBL8Enlw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XS2u8F8E_FbSQhmgaw-7Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-XS2u8F8E_FbSQhmgaw-7Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://usa.72tv.ru
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWITKJletjK6EU2R9iJnpgUU4WZT9BswHY5VaxxPPZRLsACFWTt1alBXGqF6Z_QIQPkAKkAOZuRZGLa3RigQknz0f0n_sMZM7iZh9DrjBIPkl4YdO7XK3v4i8vjBJPSOObBL8Enlw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fGPFRNGKWkLlk4DWkdEWsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fGPFRNGKWkLlk4DWkdEWsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://usa.72tv.ru
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUl01QKlh1YMvBY58pjuib268-mFQaj8u7wgDbMeg1V_N4kUSFKp_jylWzP190S8SkIPY-LWgRXJoHvcoKxxHDGEnrI4_IYraAD2K3e949SWeLeeM3yTElfciWoeBT1C1leqywwYQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 65ms
64ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUl01QKlh1YMvBY58pjuib268-mFQaj8u7wgDbMeg1V_N4kUSFKp_jylWzP190S8SkIPY-LWgRXJoHvcoKxxHDGEnrI4_IYraAD2K3e949SWeLeeM3yTElfciWoeBT1C1leqywwYQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1NzgyMzQzLDMwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHA6Ly91c2EuNzJ0di5ydS91c2EvaW5kZXgucGhwIixudWxsLFtbOCwiRXFRcF81amxUVjgiXSxbOSwicGwiXSxbMTYsIlt0cnVlLHRydWUsdHJ1ZV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

7f9dbc4da2a0fe4d4791203df675784aad1bf2d36a43e48c0780d0a5be7a3b77

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3o9dU4nPTrJagTSHP6ocNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3o9dU4nPTrJagTSHP6ocNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUypUaMBlBhYL0B6yzI0szh604oahIWHGiBidPFJTyfCe4O5VXIqOcRROrN9gOu6veg-jZrfEgj-p2_SIIxulmcDdyiHvwMY8xFeFB6X3LOonEcgStGpi2i77PJTebeErCLPmrFRg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 52ms
52ms XHR
text/html 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUypUaMBlBhYL0B6yzI0szh604oahIWHGiBidPFJTyfCe4O5VXIqOcRROrN9gOu6veg-jZrfEgj-p2_SIIxulmcDdyiHvwMY8xFeFB6X3LOonEcgStGpi2i77PJTebeErCLPmrFRg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sg0_DK2ZMa7I-hhyhTArRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sg0_DK2ZMa7I-hhyhTArRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://usa.72tv.ru
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 171ms
87ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230202&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

9d240ce94dc5725ea5d9fe424af172d522f35b115b182f2a089f1febef4049b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11234
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 58ms
58ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 15:05:43 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5F81 42 B
64 B 73ms
73ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_cqfgkyaIX8WDq-BXTy9X819y6lbr0UEsT0r-bzhNRX0EChqweMxksAuHisB-tMB3Yd_V5nio7jQeayoMjeLgzobZ&sig=Cg0ArKJSzH2k2kbeYtEMEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1431003133&rs=2&la=0&cr=0&vs=4&r=v&rst=1675782341830&rpt=820&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 25FF 13 KB
5 KB 48ms
46ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://usa.72tv.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 3381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 14:09:22 GMT
expires: Wed, 07 Feb 2024 14:09:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 19EE 783 B
973 B 66ms
65ms Document
text/html 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f4.1e100.net

Software

GSE /

Resource Hash

5c7e671bb4e9d431f539857fdb45fa66da5c5270eda073e896137281fda8770e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X7QW44xGvXY9ejrpyKlk5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://usa.72tv.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-X7QW44xGvXY9ejrpyKlk5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 15:05:43 GMT
expires: Tue, 07 Feb 2023 15:05:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 25FF 36 KB
14 KB 40ms
40ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 06:47:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 19EE 0
0 77ms
77ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230202&jk=3513101863705968&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 25FF 0
10 B 39ms
39ms Image
text/plain 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1OD0zA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:05:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5F81 43 B
215 B 134ms
133ms Image
image/gif 35.171.245.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=71ca95cd-50d5-2166-834a-e29b7a3e05d2&tv=%7Bc:3y1t2z,pingTime:1,time:1271,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:246%7D,%7Bpiv:100,vs:i,t:271%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1271,o:0,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:245,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~160.600%5D%7D%7D,%7Bsl:i,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:183,fm:tvbRVHu+11%7C12%7C13%7C14%7C15%7C16%7C171*.1322739-68772677%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:247,sis:366%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.245.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-245-46.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:43 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5F81 43 B
215 B 133ms
133ms Image
image/gif 35.171.245.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=71ca95cd-50d5-2166-834a-e29b7a3e05d2&tv=%7Bc:3y1t2z,pingTime:1,time:1271,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:246%7D,%7Bpiv:100,vs:i,t:271%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1271,o:0,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:245,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~160.600%5D%7D%7D,%7Bsl:i,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:183,fm:tvbRVHu+11%7C12%7C13%7C14%7C15%7C16%7C171*.1322739-68772677%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:247,sis:366%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.245.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-245-46.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:43 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230202&jk=3513101863705968&bg=!2tml2Z3NAAaq5O5FiuQ7ACkAdvg8WjiR-JlLh-ZKEBRz-bUbfjW7nnfC2RlXqsMJy4xEDgFbpdx7_QIAAABSUgAAAANoAQeZApBCvpudcFWqwdGeR_OJf40e9x7JhcD4v2rjqW4GRgo_Rfretv0JPCkwD4788Yfb9-KE0Q_kEWZUHMqoGX6_KB5nn-k5ZmXTVRKljOP3Bu1kXAHY-FvHlUagzRibpZyy3JrE_I3YuwNl3YY_sjHPM6KBByOA5cgLriCtmWHWtSdr-ymszlQgwKUahm6qQvdalEViwXF62OISL7TNz5vvPMtWuxOfmgzBrQ-YUGCzKYV1dmMVbHIZXIEJg55o6i-QfKl2Nd7RnLKqLxjH94a_aOtDb7wWemp0iYq-vDjNeVtZ5anFAbGpMq7-QVeJ4Pv9n1ET57cXmhSkDuhh0M1s5WnjN5tjK3XelyI7qiLUiIa4TQPmOmNFQHYIlnJIml7R0igFE5WGp6urlLhoH1ieMjGHQskVm3bwmQuNtaPPmGcwHlSpsvcViRJ-TSO8LSMa7W_eB3Ji62zIYa_bKewCgShvR7Bgec0-K4s8xQrONZNpWAK8WVJOdyOl467X__VFOI0BcUqR-SNhVUW6ARzRK0ojl4J-s69XsIkHV2fIKY6SgGqfaSeRFnYFO9ph0MeWx08JtB83UTddtlfRflY8tTGb_dj-EiEdQc5CqjxqM3rg_ZI7ot3ffbewlWHiGGhzF_2O_1-79M5eXDVbqVVfbKijza2GQMPvuObQsUnE0znl0UleWbgTSMNAhsfcVTWaUv6YASocPW1tbP6WbKoL38c4VGNQ98-_Bkca-ph6DSmiRKS80gWaqc3eFlGB7J_a3Wdt1TJKc30jcgi33NP0W2YSWyfdbyVrIpOi4t5F9LnTY4C6leXkEzlFdZhGyifd5CcsFt7fUZlErkxQF7LLRaThKJY0z7ELQAVRt4l57ByKzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://usa.72tv.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 /
track.adform.net/serving/unload/ Frame 5F81 35 B
477 B 43ms
43ms Ping
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8169812363097254149@@61256853,2025077758844919644,100|1010|0|0|0|0|0|0|0||51|1|||||1|0|0|z24FOwElC7VX7EYoWZQhUbQGskqyTMvas7zA90qY87GFmVyq54qpVxhpnBRkvb3lA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 15:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
usa.72tv.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: ir7ehnne0d3kpte6og21qq5gp4
.72tv.ru/	1970-01-20 19:05:42	Name: _ga Value: GA1.2.312224688.1675782340
.72tv.ru/	1970-01-20 09:31:08	Name: _gid Value: GA1.2.1424603744.1675782340
.72tv.ru/	1970-01-20 09:29:42	Name: _gat_gtag_UA_63685636_2 Value: 1
.yadro.ru/	1970-01-20 18:14:13	Name: FTID Value: 1ZucZ42MgjuV1ZucZ40034vx
.yadro.ru/	1970-01-20 18:14:13	Name: VID Value: 3u6oZQ2kv4OV1ZucZ40034wW
.72tv.ru/	1970-01-20 18:15:18	Name: _ym_uid Value: 1675782341294069874
.72tv.ru/	1970-01-20 18:15:18	Name: _ym_d Value: 1675782341
.72tv.ru/	1970-01-20 09:29:42	Name: _gat Value: 1
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1634747681675782340
.yandex.ru/	1970-01-20 19:05:42	Name: i Value: /TlLafXxOjfgKoT2Q3n4p+r/TNmzDOgUl02k7YtMYwfW9jAVB5Iw1/E+ufUQbuI1l47eIE9YqtizE8+/hSNmmAbZvgo=
.yandex.ru/	1970-01-20 18:15:18	Name: yandexuid Value: 6391274931675782340
.yandex.ru/	1970-01-20 18:15:18	Name: yuidss Value: 6391274931675782340
.yandex.ru/	1970-01-20 18:15:18	Name: ymex Value: 1707318340.yc.1675782340#1707318340.yrts.1675782340#1707318340.yrtsi.1675782340
.72tv.ru/	1970-01-20 09:30:54	Name: _ym_isad Value: 2
.72tv.ru/	1970-01-20 09:29:44	Name: _ym_visorc Value: w
.72tv.ru/	1970-01-20 18:51:18	Name: __gads Value: ID=358052c31e627334-223937e6a6db00d2:T=1675782341:RT=1675782341:S=ALNI_MYPqneXG6ojlK-TwE1tAl7OfGRCLg
.72tv.ru/	1970-01-20 18:51:18	Name: __gpi Value: UID=00000bb14ecddfb9:T=1675782341:RT=1675782341:S=ALNI_MaEuRqa__MLed3IywHl8AD9wijfrw
.doubleclick.net/	1970-01-20 18:51:18	Name: IDE Value: AHWqTUkutyWKEVvjggfc1_ybTmzmhmJKpV4iC8WCFtzJq130Jy5ngm1bFBUZgoXQkU0
.adform.net/	1970-01-20 10:10:01	Name: C Value: 1
.adform.net/	1970-01-20 10:56:02	Name: uid Value: 8169812363097254149
.adform.net/	1970-01-20 09:39:47	Name: TPC Value: 1675782342284
.myao.adocean.pl/	1970-01-20 18:58:30	Name: GAD Value: KlQrZMaGQMQG1HM9ytj174lissGMXP8cERySssX6xssGvaGpI7EPoSJZL1BGG7_DGtGiXD3nG7GK8eGI6IgnGsR7IGla
.hit.gemius.pl/	1970-01-20 18:58:30	Name: Gdyn Value: KlSU-MaGQMGGQr8mItj174lissGMP19cL6nxGsRP5SbtGKGGqXj5LGllleX2GGiNxFm_RRSG
.72tv.ru/	1970-01-20 18:15:18	Name: FCNEC Value: %5B%5B%22AKsRol8LD98OOP0gxyi-yRz4iGgs9wjAfjpOoootzf_YHbs3fXzkhxCktIy9seh3vfVVBZFWR0f3F4lJw9CNhJoog1Y-POrQklZTc79eawTsKJFnlStZjUq2AZjlZNM_zasR7-SnuIq8dYdgGRrWNEDq4_BSGyYIlw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adocean-pl.hit.gemius.pl
adservice.google.com
adservice.google.pl
ajax.googleapis.com
counter.yadro.ru
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
mc.yandex.ru
myao.adocean.pl
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pro.hit.gemius.pl
s1.adform.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
usa.72tv.ru
www.google-analytics.com
www.google.com
www.google.pl
www.googletagmanager.com
www.googletagservices.com
142.250.180.194
142.250.180.228
142.250.180.230
142.250.181.227
142.250.184.200
142.250.184.206
142.250.185.66
142.250.186.162
142.250.74.194
142.251.208.170
142.251.208.99
142.251.39.2
142.251.39.42
172.217.16.129
172.217.16.194
18.66.112.19
185.11.128.197
195.177.217.225
216.239.38.178
35.171.245.46
37.143.9.70
37.157.5.142
37.157.6.234
52.51.214.106
64.233.166.156
77.88.21.119
88.212.202.52
00ed5e50599f6b1a86e2bc4493aeb8d0bc15532ecd14ae8701ce33b95da556f1
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
1eb8e96485df21ea21b77cf3e5c8aa9779d8480400ef3798bcc098d6af0b126b
21103b10d89449ac9db3d5db945080082d43b12c28107b9d19b6a88cf670a0ed
28e61bfe4ec59cb82441109a6d54ee0bd7178bb3f9c0c27fb0e62bc31e2b4bff
2a050bf03c66b3271c0d5a031b24465102cc3dd19f75f892da8d04d3aac907f3
2ad8ba0cc5ab33e43ff5d540e3c59e1424534151827f91bcda9aeadc0812b281
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3e6cc68f0ea4be312715a42fcd1a1a8140e7f4a7f987053dff4acc674f8502d7
3e73301fa68d16b08e91a2697bd1fb85e97e8a029b7d193330368b43953963d6
41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e
4227c4fbbd8023aabb9203231ecfd12f77e6f264b3fdf73fa6a5900e96515d5f
48c1d3d902f27b7662e75bf9c40fc057df414493da5eb9909c5261948f919504
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
523f6019f1a7472b58752937806a87c8c7838da7ce06345388a591b00b52c906
53fbedb386443cbc53018b38c5ddc9563d61b55864af5ccbd05f518f09332a37
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558001dcb063d3fde4731d98309580dbe7d28e31488775b6327828091d96cfd7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5c7e671bb4e9d431f539857fdb45fa66da5c5270eda073e896137281fda8770e
60816f2a00688f15c5186045ee5e08f88279047018a8167560aa001dfaac68b6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bed9ebc6149815b8dbbba834802101ed6686557bb12f2e13f1506c7882df669
74fa1d6c332698929688e17532b456256a634c86abc6a20e14047acd1c2b06e7
77860b4103e2eca032a5966cdcd3553e6aa73f8e5ffe50550d6cb1478ea526bb
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
7d0f825aac92eaff3bf1890006f8b4f3101551e6bbd540dc1abb6e3c8bce7195
7f9dbc4da2a0fe4d4791203df675784aad1bf2d36a43e48c0780d0a5be7a3b77
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8be83573efbff4a0e4c2464e940ae6f11cc079468162111f919321ae465ae3be
8daa938907c7ea2e15688a2eb3ac26c47c2633d0d3d49b82e9f881161d6edb94
8e42f623234f4e91ccae498120c65dd2d5c678138928cd4fa751df9c0171be8d
9082c24afd43b2e28f2c9bbf1afa521605f6725b634619f2e43af2c7e8325b83
91d5b067fefe73273b036fab32d3f2cd93de193292accc675defda11a848540a
9d240ce94dc5725ea5d9fe424af172d522f35b115b182f2a089f1febef4049b7
9d6c5cd3ea67b3f2be9c957bd0d87bd6b1fde1203ddb207c71bdcbd4b2cc4de3
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6289d9cd6ab88d70ba405980f406b61aad967a7323e9e1d744f28afdadcc317
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
bacfaf4f24a8c99c48c29e32293cd6207924d289b2bc1da4bbfeaf54b03f19b2
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c4e6a23be99c2c42388efb414e5babcc87c29480a14b5b8ebed156d4385053a6
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
ccbbcafee0d6711f41fde0b95765f8af7c0c462d951aaae7fd67af961a0b5df0
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cfab67a623597c8c1e077a8a4880447fa794f007d3954635b3eb4b97bb116e0a
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed4442108620fa7655eb7f6cae282c0775166346b1c7af45a6b6537cafe0665b
ee00e4937fb3636055b50427ca874970b63c7934bb312ae39000faa8d07e6adf
ee75b9c85f41a4aa6aba4f7dd08dae770525ef2fc1f7a39c0658903bf1cc71e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef530b3b0223cf8c853f1fbcaf1524c958fa15f6863beb4399ca7e5164b75f73
f1dd49ac7722c6d68f7672c76da5edc69cc6b0a80d488b5ecb566ca8fd4b4d9c
f9498d3cb6435b5d1ec64da808e842b1d3360db45a965e4d5fec66a99584960b

usa.72tv.ru Open in urlscan Pro 37.143.9.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

75 %HTTPS

0 %IPv6

17 Domains

28 Subdomains

28 IPs

5 Countries

1262 kBTransfer

2582 kBSize

25 Cookies

12 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

usa.72tv.ru Open in urlscan Pro
37.143.9.70 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

75 %
HTTPS

0 %
IPv6

17
Domains

28
Subdomains

28
IPs

5
Countries

1262 kB
Transfer

2582 kB
Size

25
Cookies

92 HTTP transactions
1 data transactions